I’m trying to get postfix SMTP working and I’m just having a hell of a time. I just really don’t know where to start on getting it configured correctly, which is why I’m getting ‘relay access denied’ errors.
Is there a walkthrough somewhere on getting postfix authentication working with virtualmin/unix users?
My configuration file is WAY too simple to be doing anything effectively, but I’m not entirely sure what to add in it 
Any help here is appreciated.
Kevin
OK, an update here. I just found the instructions at
http://www.virtualmin.com/faq/one-faq?faq_id=1511#33021
I followed them to a T and they helped a lot. Now, instead of instantly being denied because of relay problems, it asks me for my password. But it never lets me log in. It takes probably 10 seconds probably to ask for a password, but once I enter it, it never accepts it.
I can post any configuration files or settings here that you guys need…just let me know.
Kevin
OK - figured out what the issue is:
If I log in with: kevin-thatscriptguy.com it works perfectly. But due to the fact that I’m moving a ton of cpanel accounts over, I need it to instead accept user@domain.
I’m sure this is a simple setting somewhere in postfix…hopefully
I don’t see any recipient restrictions…which defaults to mostly rejecting everything except localhost. There may be something else, but that’ll definitely prevent anything good.
smtpd_recipient_restrictions = permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
Yeah - I had forgotten to add those lines back in after accidentally clearing them. I have a feeling that once I’m able to actually connect, I’ll be able to login…but for some reason, telnet localhost 25 is refused immediately (used to work just fine)
Postfix is up and running and as of right now there is no firewall on the system. Any ideas as to why I can’t connect to port 25?
Kevin
Hey Kevin,
What’s in the maillog when you try to connect? And how about when you restart postfix? It’s always useful to know what Postfix thinks is going on.
Also:
inet_interfaces = localhost
Isn’t going to work except locally (this is saying “listen only on the localhost, or 127.0.0.1, address”). Change it to all.
If changing that doesn’t help, and if you can’t make sense of what’s in the maillog, send along a few lines of it. Also, resend the postfix configuration without comments. You can get it by running the postconf command (this also includes default settings not explicitly set in the main.cf file, but that’s alright).
Postfix configuration:
http://www.thatscriptguy.com/postconf.txt
Where is the error log for postfix located at?
I’ve messed with it for the past few hours and I’ve still got nothing. And I still don’t know where that error log is at…
grrr
Eh…I’ve looked in /var/log a million times and kept missing maillog…tiredness causes problems sometimes…
I was able to decipher the error log and now the machine is receiving mail again…that’s a good sign
However, the error log is showing the following one thing that’s tripping me up…
warning: do not list domain thatscriptguy.com in BOTH mydestination and virtual_alias_domains
In the configuration file, mydestination doesn’t list thatscriptguy.com and I don’t even have a section listing virtual_alias_domains…??
Also, Joe, or anyone else…I can still only authenticate using user-domain to log in for SMTP. When I do this, it works wonderfully, but I really need to be able to log in with user@domain…
Also, Joe, or anyone else…I can still only authenticate using user-domain to log in for SMTP. When I do this, it works wonderfully, but I really need to be able to log in with user@domain
Check the FAQ again. 
This one is covered:
http://www.virtualmin.com/faq/one-faq?faq_id=1511#51230
You’re looking for the second paragraph about Cyrus saslauthd.
Hey Kevin,
warning: do not list domain thatscriptguy.com in BOTH mydestination and virtual_alias_domains
Give your system a full name (www.thatscriptguy.com, or whatever), or remove $myhostname/$mydomain from mydestination. It’s set by default to:
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
You’d rip out the two $my* variables.
Thanks a ton Joe! I can now authenticate using user@domain!
NOW, however, I’ve messed up the receiving end again. (I just can’t get anything to work…grr…)
This one seems simple though…
If I send a mail to kevin@thatscriptguy.com, it now bounces with the following error:
kevin-thatscriptguy.com@thatscriptguy.com (expanded from
kevin@thatscriptguy.com): User unknown in virtual alias table
Final-Recipient: rfc822; kevin-thatscriptguy.com@thatscriptguy.com
Original-Recipient: rfc822;kevin@thatscriptguy.com
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Postfix; User unknown in virtual alias table
You know what the deal is with this one?
Also Joe, one more tiny thing (we’re getting there, I promise…)
If I try to receive mail for an additional domain, I get a BadMailboxName error…
Any tips on that?
Hey Kevin,
If I try to receive mail for an additional domain, I get a BadMailboxName error…
Any tips on that?
Same as always:
Look in maillog, and if you’re unsure what to make of it, send the relevant entries along to us here. I’ve never seen a “BadMailboxName” error…not sure where that would be coming from…but if I see the entries from the maillog, I’ll be able to guide you.
Here is the tail end of the log right after I attempted login…
Mar 6 17:22:39 thatscriptguy dovecot: imap-login: Login: user=<kevin@billiardstalk.com>, method=PLAIN, rip=168.144.108.19, lip=66.90.121.92
Mar 6 17:22:39 thatscriptguy dovecot: IMAP(kevin@billiardstalk.com): Disconnected
Mar 6 17:22:40 thatscriptguy dovecot: imap-login: Login: user=<kevin@billiardstalk.com>, method=PLAIN, rip=168.144.108.19, lip=66.90.121.92
Mar 6 17:22:40 thatscriptguy dovecot: IMAP(kevin@billiardstalk.com): open() failed with mbox file /var/mail/kevin-billiardstalk.com: Permission denied
Mar 6 17:22:40 thatscriptguy dovecot: IMAP(kevin@billiardstalk.com): Disconnected
The permissions for kevin-billiardstalk.com are the same as kevin-thatscriptguy.com (user is different but group is the same…)
Kevin
Once again I figured it out…
For some reason (bug in virtualmin I assume) kevin-billiardstalk.com was owned by larrycms.com:mail…
One last tiny thing is still not working, and that’s that postfix is for some reason adding @thatscriptguy.com to the end of all email addresses (IE: I send mail to kevin@billiardstalk.com and it turns it into kevin-billiardstalk.com@thatscriptguy.com and of course that bounces…)
Where is the setting that controls these rewrites? Once this is solved I’ll be a happy man
Thanks
WOO HOO! I fixed my own problems (bet Joe is glad to hear that)
For future reference, I changed my mydestination line to the following:
mydestination = localhost.$mydomain, localhost, $mydomain, $myhostname
This fixed all of my issues completely. I can send internal mail and all of those other goodies that weren’t working before…awesome
I suspect you’ve got myorigin set. If everything else is right, you don’t need (and don’t want, because it’ll behave as you’ve described) this option set.
Nope - myorigin lines are commented out. Fixing that one line fixed everything for me…